[asterisk-dev] [Code Review] 2667: Add configuration for CORS allowed origins.

svnbot reviewboard at asterisk.org
Fri Jul 12 12:52:54 CDT 2013


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2667/
-----------------------------------------------------------

(Updated July 12, 2013, 12:52 p.m.)


Status
------

This change has been marked as submitted.


Review request for Asterisk Developers and David Lee.


Changes
-------

Committed in revision 394189


Bugs: ASTERISK-21278
    https://issues.asterisk.org/jira/browse/ASTERISK-21278


Repository: Asterisk


Description
-------

Add configuration of allowed origins and validation of origins against that list.


Diffs
-----

  /trunk/res/res_stasis_http.c 393909 
  /trunk/res/stasis_http/config.c 393909 
  /trunk/res/stasis_http/internal.h 393909 

Diff: https://reviewboard.asterisk.org/r/2667/diff/


Testing
-------

Multiple (comma-delimited) values work, * works (even if somebody is silly, and puts it in a list), empty config option fails as expected (should it default to *?  Insecure by default vs more effort to configure).


Thanks,

Jason Parker

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130712/b268220f/attachment.htm>


More information about the asterisk-dev mailing list